From: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
To: Johannes Zink <j.zink@pengutronix.de>
Cc: users@linux.kernel.org, tools@linux.kernel.org, kernel@pengutronix.de
Subject: Re: b4: Feature-Request: use salted hash for change-id instead of descriptive-name when using b4 prep
Date: Fri, 2 Jun 2023 12:50:09 -0400 [thread overview]
Message-ID: <20230602-speckled-modulator-ebdc37@meerkat> (raw)
In-Reply-To: <837ab11e-e6c7-0dc6-9377-7889910aea09@pengutronix.de>
On Fri, Jun 02, 2023 at 10:00:11AM +0200, Johannes Zink wrote:
> Hi,
>
> first of all: thanks for creating and maintaining b4, it makes my daily
> kernel developer's life so much easier...
>
> Accidentally I came across a (documented [1]) behaviour of b4 prep that is a
> little dangerous for my workflow: the descriptive-name is incorperated in
> the MessageID and the changeID in plaintext.
>
> While for most applications this is probably fine, sometimes I use branch
> names along the line of
> "upstream-feature-for-$super_secret_customer_project" (or some other stupid
> branch names [2] - which it at least a bit funny if you know german...),
> which poses a risk of actually leaking information I do not want to be
> leaked.
Hm.. this is a certainly not a workflow scenario I had considered.
> I would like to ask if there is a possibility to change this to using a
> salted hash instead (salt is probably required due to rainbow table attacks)
> for messageID and changeID. If this would break some workflows, it could
> possibly be added as an optional command line argument for b4 prep?
I will consider this request. For now, you can manually edit the cover letter
commit to change the JSON bit there that records the change-id.
E.g. right after you create a new b4-tracked branch using "b4 prep -n", you
can run "git commit --amend --allow-empty" and modify the change-id to be
whatever you like. Note, that you should only do this before you send out any
revisions.
-K
next prev parent reply other threads:[~2023-06-02 16:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-02 8:00 b4: Feature-Request: use salted hash for change-id instead of descriptive-name when using b4 prep Johannes Zink
2023-06-02 16:50 ` Konstantin Ryabitsev [this message]
2023-06-05 6:10 ` Johannes Zink
2023-06-05 7:26 ` Mattijs Korpershoek
2023-06-05 7:32 ` Johannes Zink
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230602-speckled-modulator-ebdc37@meerkat \
--to=konstantin@linuxfoundation.org \
--cc=j.zink@pengutronix.de \
--cc=kernel@pengutronix.de \
--cc=tools@linux.kernel.org \
--cc=users@linux.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.